package com.fenghongzhang.homework.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class HWShiroRealm extends AuthorizingRealm {

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        //Log.info("配置当前用户权限");


        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        //得到所有的权限
//		for (SysRole role : user.getRoleList()) {
//            authorizationInfo.addRole(role.getRole());  // 添加角色
//            for (SysPermission permission : role.getPermissions()) {
//                authorizationInfo.addStringPermission(permission.getPermission());  // 添加具体权限
//            }
//        }

        //先添加一个固定的(mrsfeng就是管理员权限)
        authorizationInfo.addRole("mrsfeng");
        authorizationInfo.addStringPermission("mrsfeng");
        return authorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 认证用户身份信息
        String username = (String) token.getPrincipal(); // 获取用户登录账号

        //md5加密
//		String string = MessageDigest.getInstance("md5").digest("user".getBytes()).toString();
//
//        if(null == userInfo){
//            return null;
//        }

        // 1). principal: 认证的实体信息. 可以是 username, 也可以是数据表对应的用户的实体类对象.
        Object principal = username;
        // 2). credentials: 加密后的密码.
//        Object credentials = userInfo.getPwd();
        // 3). realmName: 当前 realm 对象的唯一名字. 调用父类的 getName() 方法
        String realmName = getName();
        // 4). credentialsSalt: 盐值. 注意类型是ByteSource
//        ByteSource credentialsSalt = ByteSource.Util.bytes(ShiroConst.SLAT_STRING);
//        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(principal, credentials, realmName);

        return null;
    }
}
